OfficeAndAzureTools

9.10.10

Scripts/Intune.ps1

                                
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Verbose -Force

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Verbose

Set-PSRepository PSGallery -InstallationPolicy Trusted -Verbose

Install-Module PowershellGet -Force -Verbose

Install-Script -Name Get-WindowsAutoPilotInfo -Force -Confirm:$false -Verbose

$Serialnumber = Get-CimInstance win32_bios | Select-Object -ExpandProperty SerialNumber

$OutputFile = "C:\$($Serialnumber).csv"

. "C:\Program Files\WindowsPowerShell\Scripts\Get-WindowsAutopilotInfo.ps1" -OutputFile $OutputFile -Verbose

Get-Content $OutputFile -Verbose

# Sync all devices

$Devices = Get-MgDeviceManagementManagedDevice -All

$Devices | ForEach-Object -ThrottleLimit 10 -Parallel {

    Write-Host -ForegroundColor Yellow "Syncing $($_.id) - $($_.DeviceName)"

    Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $_.id

}

# Device compliance

$MgDeviceManagementManagedDevice = Get-MgDeviceManagementManagedDevice -All

$NonCompliantDevices = $MgDeviceManagementManagedDevice | Where-Object ComplianceState -NE "compliant" #| Where-Object LastSyncDateTime -GT ((Get-Date).AddDays(-30))

$Devices = @()

$NonCompliantDevices | ForEach-Object {

    $obj = [PSCustomObject]@{

        ID                  = $_.Id

        DeviceName          = $_.DeviceName

        ComplianceState     = $_.ComplianceState

        NonCompliantSetting = (Get-MgDeviceManagementManagedDeviceNonCompliantSetting -ManagedDeviceId $_.id -ea 0 | Select-Object -Unique Setting).Setting -join "`n"

        LastSyncDateTime    = $_.LastSyncDateTime

        EnrolledDateTime    = $_.EnrolledDateTime

        Model               = $_.Model

        OSVersion           = $_.OSVersion

        UserPrincipalName   = $_.UserPrincipalName

    }

    $Devices += $obj

}

$Devices

# App versions

$Apps = Get-MgDeviceAppManagementMobileApp -All

$Apps = $Apps | Where-Object { ($_.AdditionalProperties."@odata.type" -ne "#microsoft.graph.managedIOSStoreApp") -and ($_.AdditionalProperties."@odata.type" -ne "#microsoft.graph.managedAndroidStoreApp") }

$Apps | Select-Object id, DisplayName

# Apps

$AllApps = Get-MgDeviceAppManagementMobileApp -All

$AllApps | Format-Table

$AllApps = $AllApps | Where-Object { ($_.AdditionalProperties."@odata.type" -ne "#microsoft.graph.managedIOSStoreApp") -and ($_.AdditionalProperties."@odata.type" -ne "#microsoft.graph.managedAndroidStoreApp") }

$AllApps = $AllApps | Where-Object { ($_.AdditionalProperties.'@odata.type' -EQ "#microsoft.graph.iosVppApp") }

$AllApps | Format-Table

$SelectedApps = $AllApps | Select-Object '@odata.type', id, displayName, publisher | Out-GridView -OutputMode Multiple -Title "Select Apps"

$SelectedApps | Format-Table

# New-MgDeviceAppManagementMobileAppAssignment -MobileAppId -Intent available -

Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/" | Select-Object -ExpandProperty value | ForEach-Object {

    # Write-Host $_.id

    Invoke-GraphRequest -Uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$($_.id)" | Select-Object deviceName, model, chassisType

} | Format-Table -AutoSize